content-fact-check-article
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes untrusted data from local article files and external web content.
- Ingestion points: The skill ingests data from local paths using the
Readtool and from external URLs via theWebFetchtool. - Boundary markers: The prompt lacks explicit delimiters or instructions to ignore embedded commands within the processed article or web data.
- Capability inventory: The skill is limited to read-only and search operations (
Read,Glob,Grep,WebSearch,WebFetch) and does not possess capabilities for file modification or command execution. - Sanitization: No sanitization or validation of the ingested text is performed.
- [EXTERNAL_DOWNLOADS]: The skill retrieves verification data from well-known official Spanish government portals, including the Agencia Tributaria, Seguridad Social, and the Boletín Oficial del Estado (BOE).
Audit Metadata